Security Value Map
Empirical data from individual Test Reports and Comparative Reports is used to create NSS Labs’ unique Security Value Map™ (SVM). The SVM illustrates the relative value of security investments by mapping Security Effectiveness against Operating Expense (Opex) per System for tested product configurations.

Security Value Map Comparative Report
The Security Value Map™ (SVM) Comparative Report provides an aggregated view of the detailed findings from this NSS Labs group test. Enterprise security decision makers can use the report to determine the relative value of security investments.

Endpoint Detection and Response Comparative Report
The Endpoint Detection and Response (EDR) Comparative Report provides detailed comparisons across all tested products in the areas of security effectiveness and Operating Expense (Opex) per System. The security effectiveness of products was assessed by determining their ability to detect threats and continuously log forensic reporting artifacts about threats, while remaining resistant to false positives and evasion techniques.

Products were also assessed to determine their Opex per System and ROI. The NSS Labs opex model determines the relative security and relative cost of EDR systems. The model assumes that enterprises that do not deploy EDR systems, or that deploy EDR systems with low detection and reporting capabilities, will incur less security savings. This is because additional operational overhead will be required to remediate the effects of a compromised system and protect the business.

Test Reports
Test Reports provide detailed analysis on each product tested. They help enterprise security teams understand a product’s features as well as its limitations and can be used to shortlist products for further evaluation and proof-of concept testing. Data from these reports is used in the NSS Labs Comparative Reports.

Looking for something else? Ask an analyst.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.

  • Arc4dia SNOW Self-Managed v12.18.0

  • CounterTack+GoSecure Endpoint Protection Platform v5.8.4

  • Cybereason Deep Detect v18.0

  • RSA NetWitness Endpoint v4.4.0.0